A Chinese website called WooYun claims about the login details of iCloud accounts of jailbreak users that their iCloud login credentials have been leaked and are stored on a private server.
According to the website, the leak was performed using certain jailbreak tweaks with back-doors and the affected users had those tweaks installed on their jailbroken devices.
After the installation of these malicious tweaks, they transferred the iCloud login details of the users which include email addresses and passwords to a remote private server.
The tweaks which allowed such an incident to happen were most probably were the pirated copies of popular tweaks and were edited by attackers to include the trojan horse code.
It is not clear that who was affected by this incident as the complete list of the iCloud accounts which were affected by this hack is not available. It is also unclear that whether Chinese users were affected by this or everyone who had those malicious tweaks installed.
The website didn’t mention the true motive behind this attack and what the hackers intend to do with all these iCloud accounts but the fact that most of the iCloud accounts contain users’ personal and private information such as messages, photos, contacts, so this could be troublesome for those users.
If you are a jailbreak user who suspects that his account has been affected by this hack then you should change your password, put2FA(Two Factor Authentication) and remove your private stuff from iCloud Drive.
[Source: WooYun] (2015)